From 0d7b503f8a11237fa129ae7baa2d979d64b9ab68 Mon Sep 17 00:00:00 2001 From: Sona Mathew Date: Tue, 21 May 2024 14:17:07 -0500 Subject: [PATCH] fix(cpus): workaround for CVE-2024-5660 for Cortex-A710 Implements mitigation for CVE-2024-5660 that affects Cortex-A710 revisions r0p0, r1p0, r2p0, r2p1. The workaround is to disable the hardware page aggregation at EL3 by setting CPUECTLR_EL1[46] = 1'b1. Public Documentation: https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-5660 Change-Id: I10feea238600dcceaac7bb75a59db7913ca65cf1 Signed-off-by: Sona Mathew --- lib/cpus/aarch64/cortex_a710.S | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/lib/cpus/aarch64/cortex_a710.S b/lib/cpus/aarch64/cortex_a710.S index b9f6081ee..dce9c7354 100644 --- a/lib/cpus/aarch64/cortex_a710.S +++ b/lib/cpus/aarch64/cortex_a710.S @@ -26,6 +26,13 @@ wa_cve_2022_23960_bhb_vector_table CORTEX_A710_BHB_LOOP_COUNT, cortex_a710 #endif /* WORKAROUND_CVE_2022_23960 */ +/* Disable hardware page aggregation. Enables mitigation for `CVE-2024-5660` */ +workaround_reset_start cortex_a710, CVE(2024, 5660), WORKAROUND_CVE_2024_5660 + sysreg_bit_set CORTEX_A710_CPUECTLR_EL1, BIT(46) +workaround_reset_end cortex_a710, CVE(2024, 5660) + +check_erratum_ls cortex_a710, CVE(2024, 5660), CPU_REV(2, 1) + workaround_reset_start cortex_a710, ERRATUM(1987031), ERRATA_A710_1987031 ldr x0,=0x6 msr S3_6_c15_c8_0,x0